Tag-Archive for » privacy «

Friday, August 21st, 2009 | Author:

Have we here a Facebook Stalker?!

Of great consideration to online privacy are facebook stalkers. If a stalker randomly manages to add a few of your friends and you have your Profile Privacy Settings allowing “Friends of Friends” to see everything then your stalker effectively has access to your profile even without having added you.

I’ve now adjusted my privacy settings more strictly and I’ve used the “See how a friend sees your profile:” tool to get an idea of how it changes things.

My “Basic” Information I had available to “Friends of Friends”. This includes “Gender, Birthday, Hometown, Political and Religious Views and Relationship Status” according to Facebook’s description. You might think it fair that friends of your friends have an idea of how you roll.

But can you trust all your friends anti-stalker spidey-senses?

I think NOT.

I previously had it that friends of friends can see my photos and videos but not much else. I’m thinking of changing that now too.

But wait, there’s More!

Further to this, we should be vigilant of “fake” Facebook profiles. Stalkers are usually apt enough to create more than one account with fake names. If you block one they create another and attempt to get a glance at your profile once more. I’ve created a friend group called “Privacy Pls”. This group is limited from being able to see anything other than a very basic page. This “basic” view is akin to when you first started using Facebook and didn’t know you could add lots of stuff in there (stuff you later realised you didn’t want anyway).

If someone adds me and I’m not absolutely sure who it is, I add them to my “Privacy Pls” group. Also if someone adds me and I don’t want to offend them by ignoring their invite I’ll rather add them to this group. Perhaps you feel you have a pervy boss for example.

But Wait! There’s More – and this time you can do it TOO!

To do this for yourself, go to your Friends page, click “Create New List”, and name it something appropriate – “Privacy Pls” in my case. Add the appropriate friends to this list now or add any future “suspect” friends to the group.

Next, go to the Profile Privacy Settings page. Underneath each section you will find a “Edit Custom Settings” button. Click the first one and, at the bottom of the dialog that pops up, you will find “Except these people”. Add your “Privacy Pls” group here. Do the same for all the sections you don’t want them to see. When done, use the “friend’s view” tool to confirm what is made available to persons on that list.

And the Friend-of-Friend Stalker?

To prevent your “Friend-of-Friend” Stalker from being able to see your profile, do yourself a favour and think very critically about what you want potential stalkers to be able to see. Now go change those Privacy Settings to “Only Friends”.

For the Photo Crazy

Check up on your Photo Album Privacy settings. This is set up much the same as your profile settings. Consider carefully who you want to be able to see which photo albums and adjust the permissions appropriately!

Your Personal Contact Information

Lastly, check up on your Contact Information: Click the “Profile” button towards the top left of the Facebook page to get to your profile. Then click on the “Info” tab within your profile. When you mouseover the Contact Information section you will see an “Edit” link pop up on the right. Click this button to start editing your details.

Next to each item you will find a “lock” icon. Click this lock to define further permissions for which friends are able to see the items. You’ve never give your address and phone details to a dodgy stranger you meet on the street. Why do we then go and give it away to everyone on the Internet. I recommend the following:

  • Allow “No one” on:
    • email address
  • Allow “Only Friends” on:
    • IM Screen Names
  • Remove completely or allow “No one” on:
    • mobile phone number
    • landline number
  • Limit the following:
    • address details – give your area or suburb – but NOT your full address

Hopefully we don’t all have to learn our lessons the hard way.

P.S. (especially to the guys and gals who have asked) I’ve been extremely busy these last couple of weeks. I have a lot of unedited content I’m hoping to make publishable very soon!

Category: privacy, security  | Tags: , , ,  | One Comment
Sunday, April 26th, 2009 | Author:

Trust me. We’re still dealing with regexes – just in a roundabout (and vaguely practical) way. This is a pretty comprehensive listing of how to go about flushing DNS caches while using regexes to show where similar methods deviate.

Why do we want to clear DNS caches exactly?

There are a number of reasons to clear DNS caches, though I believe these are the most common:

  • An intranet service has an private (internal) IP address when on the company network but it has a public IP address for outside access. When you try to access that service from outside after accessing it from inside, there’s a chance that you would have cached the private (inaccessible) IP. A good long-term solution is to make the service inaccessible except via VPN. A simpler solution is to leave work at work. 😛
  • An internet service or web site changes their DNS settings and your desktop/laptop is looking at the “old” setting. In this case, the new setting has not yet propagated. Hosting Admins come across this case very often.
  • Privacy: If someone can track your DNS history then it wouldn’t be too hard to figure out which web sites you’ve been viewing. Though the individual pages you’ve viewed can’t be tracked in this way, the hostnames, such as “dogma.swiftspirit.co.za” or “google.com” will be in the DNS cache, likely in the order you first accessed each site. There are better ways to do this though. One example is to use a Tor network for all DNS requests.

Flushing Windows’ DNS cache, from command prompt:

Evidence suggests that prior to Windows 2000, Windows OS’s didn’t cache DNS results. The ipconfig command, run from the command prompt, was given some control over the DNS cache and has remained roughly the same since.

To get to the prompt if using Vista as non-Admin: Start -> Programs -> Accessories -> Right-click “Command Prompt” -> Run As Administrator

Otherwise: Start -> Run -> [cmd     ] -> [ OK ]

ipconfig /flushdns

Flush the DNS Resolver Cache in Windows

It is also possible to clear the cache in Windows by restarting the “DNS Client” or “Dnscache” service.

Flushing Mac OS X DNS cache, from shell prompt:

Since Mac OS X, Apple Macs have been running a Unix-based, POSIX-compliant, operating system based on Nextstep, itself originally containing code from FreeBSD and NetBSD. Mac OS X uses lookupd or dscacheutil to manage the DNS cache, depending on the version.

To get to the prompt: Applications -> Utilities -> Terminal

(lookupd|dscacheutil) -flushcache

What have we here? As per part 1, the vertical bar indicates that either “lookupd” OR “dscacheutil” are acceptable. The parenthesis indicate that the vertical bar only applies to the “lookupd|dscacheutil” portion of the expression. Thus, the ” -flushcache” is not optional and must be included in the command in order for it to work. Note that these commands produce no output unless there is an error.

Use dscacheutil if you’re using Mac OS X 10.5 (Leopard) or later.

Mac OS X:

lookupd -flushcache

Mac OS X Leopard:

dscacheutil -flushcache

Use dscacheutil to flush the cache in Mac OS X Leopard

There is also a GUI tool, DNS Flusher, which automatically uses the correct command available.

Flushing Linux/Unix’ DNS cache, from shell prompt:

N.B. If you don’t already have either bind (with caching lookup enabled), nscd, or dnsmasq installed and running on your *nix-based desktop/server, you are probably not caching DNS at all and there is nothing to flush. In that case you will be utilising your DNS server for every web request, probably slowing your web experience.* If so, I recommend at least installing nscd as it is the easiest to set up. **

Flushing nscd’s cache

As with the Mac OS command, this produces absolutely no output unless there is an error:

(|sudo )(|/usr/sbin/)nscd -i hosts
  • Use sudo if you’re not already root otherwise the first selection is blank.
  • Specify /usr/sbin/ if nscd is not already within the “path”. If your distribution has nscd in a strange place, locate it first:
locate -r bin/nscd$

Notice that the above “bin/nscd$” is itself a regular expression. 🙂

Using nscd, invalidate the “hosts” cache, logged in as a user:
sudo nscd -i hosts
Using nscd, invalidate the “hosts” cache, logged in as root:
nscd -i hosts
Using nscd, invalidate the “hosts” cache, logged in as root, specifying the full path:
/usr/sbin/nscd -i hosts

Flushing bind’s cache

To flush bind’s cache, we issue a command via rndc. Use sudo if you are not already root:

(|sudo )rndc flush

Restarting the cacheing services also works!

Here’s how to restart either of the caching daemons:

(|sudo )(service |/etc/(rc\.d|rc\.d/init\.d|init\.d)/)(bind|dnsmasq|nscd) restart

That’s starting to get difficult to read. *** Luckily I’ve explained in detail:

  • As with the previous command, use sudo if you’re not already root.
  • The second selection has the first option “service “. This applies mainly to Red Hat/CentOS and Fedora systems.
  • The “/etc/(rc\.d|rc\.d/init\.d|init\.d)/” needs to be expanded further. This is for most other systems. Generally, the rc.d is for if you’re using a BSD-style init system (for example: Arch Linux, FreeBSD, or OpenBSD). The best way to know for sure which command to use is to ‘locate’ the correct nscd or dnsmasq path. Most Unix flavours, even Solaris, use nscd:
locate -r \.d/nscd$ ; locate -r \.d/dnsmasq$ ; locate -r \.d/rndc$
  • The last choice is between “bind”, “nscd”, and “dnsmasq”. This depends entirely on which is installed and in use.
  • The last of the pattern, ” restart”, is the instruction given to the daemon’s control script.

Arch, using dnsmasq, restarting the cache daemon, logged in as root:

/etc/rc.d/dnsmasq restart

Arch, using nscd, restarting the cache daemon, logged in as user:

sudo /etc/rc.d/nscd restart

CentOS / Red Hat, using nscd, restarting the daemon, as root:

service nscd restart


Flush Mozilla Firefox’s internal DNS cache:

Mozilla Firefox keeps its own DNS cache for performance. Firefox 2 would cache only 20 entries for up to 60 seconds. The default setting as of Firefox 3 appears to be 512 entries for up to 60 minutes which seems much more reasonable for every-day browsing. If your desktop has a built-in cache (which most now do) then the cache here is actually redundant. I’m not aware of any other browsers that implement DNS caching.

I’ve found a few solutions for when you need to clear the cache. It seems there are many ways to do this however these are the easiest, which I’ve put into order of preference.:

  1. Install the Firefox DNS Flusher Addon – provides a button to flush the cache.
  2. Install the DNS Cache Addon – provides a toggle which disables or enables the DNS cache.
  3. Clear Cache (clears browser cache as well as DNS Cache): Select Tools -> Clear Private Data; Deselect all checkboxes except for Cache; Click [ Clear Private Data Now ].
  4. Manually do what DNS Cache does: set the following 2 about:config options “network.dnsCacheExpiration” and “network.dnsCacheEntries” to 0 and then back to the default.

I had a bad cached record and I cleared my browser’s cache. But its still giving me the wrong info. What gives?

Because of how DNS propagation works, you preferably need to flush the DNS on all DNS hosts between yourself and the “authoritive” host, starting with the host closest to the authoritive host (furthest away from your browser).

As an example, if you have a router that is caching DNS, reset the router’s cache before restarting the DNS cache of your operating system, and only then should you clear the cache in Firefox. The reason is that even if you only clear your OS and Firefox’s caches, your desktop is still going to ask the router for its bad record anyway.

What if my DNS server is a server on the net outside my control?

You could try temporarily using a different nameserver, possibly even a publicly open server. OpenDNS shows some good information on how to do this. If you’d like, you should also be able to get relevant information from your own ISP regarding their resolving DNS servers. A local example (South Africa) is SAIX which lists their resolving DNS servers.

* Likely the reason why Firefox has a DNS cache built-in ****
** “((pacman|yaourt) -S|emerge|(yum|aptitude|apt-get) install) nscd” and then ensure that the service is added to the startup scripts. Refer to your distribution’s installation documentation.
*** I’m looking for a syntax highlighting plugin that can work with regex
**** I’ve read statements that restarting the network(ing|) service also clears the DNS cache however I haven’t seen any evidence that this is true. If anyone has a example where this is true, please provide me with the details.
Friday, November 21st, 2008 | Author:

So I gots me s’more spam to mah mobile. o.O

Thankfully, it turns out that there is some proper recourse. Thanks to Stefano for pointing me in the right direction. (original post here)

WASPA (or Wireless Application Service Providers’ Association) is the “Industry Body” for Wireless Service Providers in SA. They have a complaints page where you get to submit all the juicy details about how a WASPA (or WASP) has breached the WASPA Code of Conduct.

Perhaps the provider in question gets featured on the complaint reports page – where everyone will see how much they’ve been fined along with a full report of the complaint. This includes WASPA’s investigation and a summary of the communications with the Service Provider concerning the matter. Importantly, its all publicly accessible.

I just wish people actually KNEW about this thing though. I certainly didn’t know that a WASP isn’t just the name of a (usually) flying insect? Yeah – turns out some wasps don’t have wings and are mistaken for ants… go figure.

Back to the topic at hand: Spread the word! And lodge your complaints!

Category: mobile, privacy, rights  | Tags: , , , , ,  | 4 Comments
Thursday, November 13th, 2008 | Author:

I don’t receive much spam to my mobile phone. I have received random sms’s on occasion about “special” offers and so forth. Someone also once sms’d “on my behalf” to one of those late-night e-tv specials adverts. Every month I receive an enticing message informing me about what I’m missing out on. I wonder though, is there a no-send list I can add myself to at MTN, Vodacom, or Cell-C?

Can any cellular provider list all the companies that have sent you sms’s through bulk sms systems in the last month, for example? And can I tell my cellular provider to CAN that SPAM without having to send an sms costing me R7.50 with the word “STOP”? [edit… turns out this SMS is supposed to be charged at the lowest possible rate. Thanks, Tumbleweed]

Lastly, I’ve heard of these services where you pay to receive content perpetually. Perpetually in that its a service where they assume you want them to charge you R5 every day to send you something. My sister had an issue where she never had airtime. It was because her R20 weekly allowance would be swallowed whole the next day by one of these “services” which sent her a silly picture and deducted R10. She could have downloaded the same or similar picture using her computer for about 5c using Google‘s image search and I’d have sized and cropped it to fit her phone’s screen perfectly with no visible distortion or aliasing. At the same time, they claim copyright on the content which is LAME. I’ll bet they’re stealing the pictures from the Internet themselves anyway.

In the end it was easier for her to get a new prepaid number. I just hope that they’re not still going to send more content to whoever gets her old number after its recycled. 😮